A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations and universities in Taiwan. […]
Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called „VENOM“ are targeting credentials of C-suite executives across multiple industries. […]
Victims don’t need to match the cyber espionage group’s technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.
Under the alias ‚Chaotic Eclipse,‘ a researcher released a PoC exploit for a zero-day flaw that allows for system takeover by a local user, citing an undisclosed beef with Microsoft.
Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. […]
Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from harvesting session cookies. […]